package cn.tedu.straw.api.question.security;

import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;

@Configuration
public class WebSecurityConfigurer extends WebSecurityConfigurerAdapter {

    @Override
    protected void configure(HttpSecurity http) throws Exception {
        // 访问控制
        // authorizeRequests()：对请求进行验证
        // anyRequest()：除了此前配置过的URL以外的所有请求
        // permitAll()：直接许可，即不需要验证
        http.authorizeRequests().anyRequest().permitAll();

        http.csrf().disable();
    }

}
